{"affected":[],"aliases":[],"details":"\nOpenSSL was updated to fix several security issues:\n\n    * CVE-2015-4000: The Logjam Attack ( weakdh.org ) has been addressed by\n      rejecting connections with DH parameters shorter than 1024 bits.\n      2048-bit DH parameters are now generated by default.\n    * CVE-2015-1789: An out-of-bounds read in X509_cmp_time was fixed.\n    * CVE-2015-1790: A PKCS7 decoder crash with missing EnvelopedContent\n      was fixed.\n    * Fixed a timing side channel in RSA decryption. (bsc#929678)\n\nAdditional changes:\n\n    * In the default SSL cipher string EXPORT ciphers are now disabled.\n      This will only get active if applications get rebuilt and actually\n      use this string. (bsc#931698)\n\nSecurity Issues:\n\n    * CVE-2015-1789\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789>\n    * CVE-2015-1790\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790>\n    * CVE-2015-4000\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000>\n\n","id":"SUSE-SU-2015:1183-2","modified":"2015-06-19T09:33:13Z","published":"2015-06-19T09:33:13Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20151183-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/912014"},{"type":"REPORT","url":"https://bugzilla.suse.com/912015"},{"type":"REPORT","url":"https://bugzilla.suse.com/912018"},{"type":"REPORT","url":"https://bugzilla.suse.com/912293"},{"type":"REPORT","url":"https://bugzilla.suse.com/912296"},{"type":"REPORT","url":"https://bugzilla.suse.com/922488"},{"type":"REPORT","url":"https://bugzilla.suse.com/922496"},{"type":"REPORT","url":"https://bugzilla.suse.com/922499"},{"type":"REPORT","url":"https://bugzilla.suse.com/922500"},{"type":"REPORT","url":"https://bugzilla.suse.com/922501"},{"type":"REPORT","url":"https://bugzilla.suse.com/929678"},{"type":"REPORT","url":"https://bugzilla.suse.com/931698"},{"type":"REPORT","url":"https://bugzilla.suse.com/934489"},{"type":"REPORT","url":"https://bugzilla.suse.com/934491"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3570"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-3572"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-8275"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0204"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0205"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0286"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0287"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0288"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0289"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0292"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0293"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1789"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1790"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4000"}],"related":["CVE-2014-3570","CVE-2014-3572","CVE-2014-8275","CVE-2015-0204","CVE-2015-0205","CVE-2015-0286","CVE-2015-0287","CVE-2015-0288","CVE-2015-0289","CVE-2015-0292","CVE-2015-0293","CVE-2015-1789","CVE-2015-1790","CVE-2015-4000"],"summary":"Security update for compat-openssl097g","upstream":["CVE-2014-3570","CVE-2014-3572","CVE-2014-8275","CVE-2015-0204","CVE-2015-0205","CVE-2015-0286","CVE-2015-0287","CVE-2015-0288","CVE-2015-0289","CVE-2015-0292","CVE-2015-0293","CVE-2015-1789","CVE-2015-1790","CVE-2015-4000"]}